CVE-2020-1130

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.

Published: Sep 11, 2020
Updated: May 4, 2025
CVE: CVE-2020-1130
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_10	1607	1607.x
microsoft / windows_10	1709	1709.x
microsoft / visual_studio	2015-update3	2015-update3.x
microsoft / windows_10	1803	1803.x
microsoft / windows_10	1809	1809.x
microsoft / windows_server_2016	1903	1903.x
microsoft / windows_10	1903	1903.x
microsoft / windows_server_2016	1909	1909.x
microsoft / windows_10	1909	1909.x
microsoft / windows_10	2004	2004.x
microsoft / windows_server_2016	2004	2004.x
microsoft / visual_studio_2019	16.5	16.7.3
microsoft / visual_studio_2017	15.0	15.9.27
microsoft / visual_studio_2019	16.0	16.4.13

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1130

Vulnerability Database

289,599

CVE-2020-1130